7 thoughts on “The Homelab Show Episode 97: Network Traffic Monitoring & Filtering”
Hi Jay! I like to use Pi-Hole also, but how do you configure pfblockerng in pfsense just to use the GeoIP blocking only, and disable its ad blocking, and block list?
I believe my boss had eight monitors on the main computer. I believe six or seven screens were dedicated to monitoring with routing and pings. I worked on the more detailed monitoring servers, and created graphs and status pages. We had about 4,000 company devices on the network, plus a number of user devices, where they linked their locations, or some we even did their BGP routing, or backup routing.
THE biggest reason I got into computer security is because as a middle/high school kid I kept coming up against windows and mac security management software as well as various internet site blocking solutions. I learned all kinds of ways around things from simple stuff like using task manager to kill security software or use programming tools to inject garbage into the application's protected memory space to force it to crash, or in the case of upstream internet, my school used network filtration software so I worked with a friend online to spin up an internet accessable encrypted proxy server. these days if I encounter that on a locked down computer/network (such as the university I work at), I just connect to any number of servers that I have running via ssh and use the integrated proxy. – data is encrypted, and so long as you reasonably trust the machine on the other end (and/or are using ssl encrypted sites anyway which most of them are these days), noone is the wiser…. at the end of the day, however, you're solving for a social issue with a technical solution… it doesn't work. how about, idk, letting people access the things that they want to access? heck, a copy of tails on a flash drive is enough to get the internet and more on most machines these days. computers should do what their users tell them.
I used pfsense on kvm VM for sometime, couldn't get the host machine to reach the internet tho. You might be able to do it creating your own ip links, but didn't bother too much on it since I was already planning to move my pfsense to a router
tnx for the content !
I love security onion it's amazing
Honestely I love Cloudflare but they are US based.. I'd prefer going to quad9 for dns or anything else as far as privacy or security is concerned…. US has too many backdoors into tech…. Not even only talking about the US government.
Hi Jay! I like to use Pi-Hole also, but how do you configure pfblockerng in pfsense just to use the GeoIP blocking only, and disable its ad blocking, and block list?
I believe my boss had eight monitors on the main computer. I believe six or seven screens were dedicated to monitoring with routing and pings. I worked on the more detailed monitoring servers, and created graphs and status pages. We had about 4,000 company devices on the network, plus a number of user devices, where they linked their locations, or some we even did their BGP routing, or backup routing.
THE biggest reason I got into computer security is because as a middle/high school kid I kept coming up against windows and mac security management software as well as various internet site blocking solutions. I learned all kinds of ways around things from simple stuff like using task manager to kill security software or use programming tools to inject garbage into the application's protected memory space to force it to crash, or in the case of upstream internet, my school used network filtration software so I worked with a friend online to spin up an internet accessable encrypted proxy server. these days if I encounter that on a locked down computer/network (such as the university I work at), I just connect to any number of servers that I have running via ssh and use the integrated proxy. – data is encrypted, and so long as you reasonably trust the machine on the other end (and/or are using ssl encrypted sites anyway which most of them are these days), noone is the wiser…. at the end of the day, however, you're solving for a social issue with a technical solution… it doesn't work. how about, idk, letting people access the things that they want to access? heck, a copy of tails on a flash drive is enough to get the internet and more on most machines these days. computers should do what their users tell them.
I used pfsense on kvm VM for sometime, couldn't get the host machine to reach the internet tho. You might be able to do it creating your own ip links, but didn't bother too much on it since I was already planning to move my pfsense to a router
tnx for the content !
I love security onion it's amazing
Honestely I love Cloudflare but they are US based.. I'd prefer going to quad9 for dns or anything else as far as privacy or security is concerned…. US has too many backdoors into tech…. Not even only talking about the US government.